Oracle Database Server CREATE_SCN_CHANGE_SET Standard Procedure SQL Injection Vulnerability

Oracle Database Server CREATE_SCN_CHANGE_SET Standard Procedure SQL Injection Vulnerability

Solution:
Oracle has released a Critical Patch Update (Critical Patch Update - April 2005) to address these issues. Information regarding obtaining and applying an appropriate patch can be found in the Oracle Critical Patch Update in references.

Pre-Installation Notes for Oracle Database Server can be found at the following location:

http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=301045.1